How to secure your endpoints in 2022 using Microsoft Endpoint Manager

Microsoft Endpoint Manager (MEM) – What Is It & How Can It Help Secure Your Endpoints?

By Steve Andrews  |  Published on January 11, 2022

Microsoft Endpoint Manager (MEM) – What Is It & How Can It Help Secure Your Endpoints


After a swift product shuffle and re-branding we find Microsoft Endpoint Manager emerging to rise up the Gartner ranks to become the leader in Unified Endpoint Management Tools.

So what is it?

Microsoft Endpoint Manager is the umbrella over services you may already be familiar with:

  • Microsoft Intune
  • Configuration Manager
  • Desktop Analytics
  • Co-management
  • Windows Autopilot

What does it focus on:

Endpoints are the new workplace

With the unprecedented shift to Remote Working recently, it has ben apparent that endpoints are the new workplace – wherever &, whenever access to your organizations apps and data is needed. This can be PC’s, mobile phones, operating systems, and the critical applications that drive the business.

So where to start?

Here are a few scenarios that may help you decide:

Does your organization provision a lot of new devices?

Start with Windows Autopilot.

To learn more about Netwoven’s Identity & Access Management Capability, Click here.

Does your organization add rules and control settings for your users, apps, and devices?

Start with Intune.

If Configuration Manager is used to deploy apps, and want to use conditional access based on security requirements…

Start with co-management.

If Configuration Manager is responsible for keeping Windows 10 devices current

Start with Desktop Analytics.

If you’re getting started with MDM and MAM, or use ADMX templates to control Office, Microsoft Edge, and Windows settings

Start with Intune.

How can it help secure your endpoints?

Using the Security Admin role you can leverage the “Endpoint Security” node within Intune – here these Endpoint security police s are designed to help focus on security of your devices and also to mitigate risk. This Endpoint Security node pulls all the tools within Intune into one place so you can keep devices secure.

Here’s some of the tasks you can take care of through the Endpoint Security node:

  1. Review status of all managed devices High level device compliance with drill down to specifics of which compliance policies we not met
  2. Get security baselines – which align best practice security settings for devices For Windows devices, pre-configured Windows settings to help apply a configuration recommended by relevant security teams
  3. Manage security configurations on devices via policies Focused policies for all aspects of device security such as disk encryption, antivirus etc.
  4. Device and user requirements through compliance policy Set the rules that both devices and users must meet before they are compliant, for example OS version, password requirements.

By Steve Andrews

Steve has more than 25 years of experience specializing in Microsoft Cloud, Infrastructure, & Security. He recently joins us from AdaptiveEdge where he was the Director of Cloud Platforms and help build the practice with 11 practitioners in the Southern California. He also has worked at other Microsoft Solution providers - Prosum as the Microsoft Practice Director and Perficient Inc. as the Consulting Manager & Sr. Technical Architect. Steve has developed go to market strategies as well as architected many Microsoft Cloud Security solutions, managed global Intune deployments, Teams deployments & migrations, Azure Site Recovery (ASR) and data center migrations to Azure.

Leave a comment

Your email address will not be published. Required fields are marked *

Unravel The Complex
Stay Connected

Subscribe and receive the latest insights

Netwoven Inc. - Microsoft Solutions Partner

Get involved by tagging Netwoven experiences using our official hashtag #UnravelTheComplex